Mind Dump, Tech And Life Blog
written by Ivan Alenko
published under license Attribution-ShareAlike 4.0 International (CC BY-SA 4.0)
posted in category Systems Software / SSH
posted at 28. Jul '21

Howto Automount SSHFS Location

We’ll use username cherry at the remote location.

Serverside

Set up the chroot (optional, as root):

  • enable only SCP and disable SSH for cherry
  • set ownership of the chrooted directory to root
  • create a data directory in the home directory, because the chroot does not allow creating files or directories in the root of the chrooted folder

Add the following snippet to /etc/ssh/sshd_config:

Match User cherry
       ChrootDirectory /home/cherry
       ForceCommand internal-sftp
       AllowTcpForwarding no
       X11Forwarding no

Set the correct permissions and create the data directory:

chown root:root /home/
chown root:root /home/cherry
mkdir /home/cherry/data
chown cherry:cherry /home/cherry/data
/etc/init.d/sshd reload
# systemctl reload sshd
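
To confirm that the Match block really applies to cherry after the reload, the effective settings can be dumped with sshd -T and compared with the snippet. This is an added example, not part of the original post; the function names and the sample dumps are constructed for illustration.

```sh
# Expected effective settings from the Match block; `sshd -T` prints lower-case keywords.
EXPECTED='chrootdirectory /home/cherry
forcecommand internal-sftp
allowtcpforwarding no
x11forwarding no'

# Read an `sshd -T` dump on stdin; return 0 only if every expected setting matches.
audit_sshd_dump() {
    dump=$(cat)
    rc=0
    while read -r key want; do
        got=$(printf '%s\n' "$dump" |
            awk -v k="$key" 'tolower($1) == k { $1 = ""; sub(/^ /, ""); print; exit }')
        if [ "$got" = "$want" ]; then
            echo "ok    $key $got"
        else
            echo "FAIL  $key: want '$want', got '${got:-<unset>}'"
            rc=1
        fi
    done <<EOF
$EXPECTED
EOF
    return "$rc"
}

# Constructed sample dump (excerpt): Match block in effect.
sample_good() {
    cat <<'EOF'
x11forwarding no
allowtcpforwarding no
chrootdirectory /home/cherry
forcecommand internal-sftp
EOF
}

# Constructed sample dump (excerpt): Match block not applied to the user.
sample_bad() {
    cat <<'EOF'
x11forwarding no
allowtcpforwarding yes
chrootdirectory none
EOF
}

# Live check on the server (as root): pass --live as the first argument.
if [ "${1:-}" = "--live" ]; then
    sshd -T -C user=cherry,host=localhost,addr=127.0.0.1 | audit_sshd_dump
fi
```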

Clientside

Install SSHFS:

apt-get install sshfs

Generate an SSH key, choose no password:

ssh-keygen -t ed25519

Copy the public key:

cat .ssh/id_ed25519.pub

You’ll see something like:

ssh-ed25519 AAAAC3blah cherry@localhost.localdomain

Serverside

(as root or cherry) Paste it into authorized_keys in /home/cherry/.ssh/:

mkdir -p /home/cherry/.ssh
vim /home/cherry/.ssh/authorized_keys
<paste it there and save>
chown -R cherry:cherry /home/cherry/.ssh

Clientside

Add a record to /etc/fstab, using the correct IP address or domain and username:

cherry@192.168.1.1:./data  /home/cherry/turris  fuse.sshfs noauto,x-systemd.automount,_netdev,user,idmap=user,follow_symlinks,identityfile=/home/cherry/.ssh/id_ed25519,exec,allow_other,default_permissions,uid=1000,gid=100 0 0

This creates a deferred mount record. Dolphin can see it and mount it. allow_other is required because at boot time the mount is performed by root, not by the local user. Set uid and gid to the numeric IDs of the local user (from /etc/passwd and /etc/group). The exec option allows running executables from the mount; to disallow that, remove the exec option.

That’s all.
